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DETAIL ACTION 

1 . This action is in response to amendment filed on 8/2/201 1 . Claims 1 , 1 1 , 21 and 
22 are amended. Claims 3 and 13 are canceled. Claims 1, 2, 4-12 and 14-22 are 
pending. 

Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claims 11, 12, 1 4-20 are rejected under 35 U.S.C. 1 01 as not falling within one of 
the four statutory categories of invention. While the claims recite a series of steps or 
acts to be performed, a statutory "process" under 35 U.S.C. 101 must (1) be tied to 
particular machine, or (2) transform underlying subject matter (such as an article or 
material) to a different state or thing. See page 10 of In Re Bilski 88 USPQ2d 1385. The 
instant claims are neither positively tied to a particular machine that accomplishes the 
claimed method steps nor transform underlying subject matter, and therefore do not 
qualify as a statutory process. The access control method including steps of 
authenticating and storing are broad enough that the claim could be completely 
performed mentally, verbally or without a machine nor is any transformation apparent. 
For example a purpose can conceivably authenticate another person by looking a photo 
id that has attribute pertaining to that person and subsequently write information 
concerning that person on paper and store it in a file cabinet. 
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Claim 21 is rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. The Examiner notes applicant's claim 21 is 
drawn to a computer program. The Examiner notes that the MPEP recites that a 
program not resident to some form of a "computer readable medium" is considered to 
be non-statutory. Additionally the current office position maintains that the "medium" 
must be non-transitory. 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

This application currently names joint inventors. In considering patentability of 

the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 

the various claims was commonly owned at the time any inventions covered therein 

were made absent any evidence to the contrary. Applicant is advised of the obligation 

under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was 

not commonly owned at the time a later invention was made in order for the examiner to 

consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 

prior art under 35 U.S.C. 103(a). 
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2. Claims 1 , 2, 4-1 2 and 1 4-22 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over Hearns et al. (US Patent Publication No. 2005/0091 522 and Hearns 
hereinafter) in view of Wissenbach et al. (US Patent Publication No. 2004/0243772 and 
Wissenbach hereinafter) and further in view of Fong et al (US Patent Publication No. 
2005/0050175 and Fong hereianfter). 

3. As to claims 1 , 11,21 and 22, Hearns teaches a access control system for 
controlling access to data stored on at least one data storage medium of a computing 
system (i.e., ...teaches access control for partition storage [par. 140]), the access 
control system comprising: authentication means to authenticate users permitted to 
access data stored in the at least one data storage medium (i.e., ...teaches using login 
credential (e.g., user password) to authenticate a user [par. 138-140], the authentication 
means authenticating users as a super user (e.g., administrator) or a normal user (e.g., 
user) (i.e., ...discloses both a administrator and user authentication means [par. 160]); a 
database arranged to store a separate data access profile file for each user permitted to 
access data stored in the at least one data storage medium (i.e., ...teaches maintaining 
data access profiles for each user [par. 158]); wherein each data access profile includes 
information indicative of the degree of access permitted by the user associated with the 
data access profile to data stored in the at least one data storage medium (i.e., 
...teaches the security device 35 only allows or disallows access to relevant partitions 
and files within the storage media 21 in conformance with the set user data access 
profile [par. 151]); 
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wherein if a first user is authenticated as a normal user (i.e., ...teaches 
authenticating a regular user [par. 138-141]), 

Hearns teachings do not expressly teach applicant's claim limitations of: 
wherein each data access profile includes both a master data access profile and 
wherein the master data access profile is modifiable by a super user but not by a normal 
user wherein if a first user is authenticated as a normal user. The Examiner notes in this 
instance the teaching of prior art reference Wissenbach. Wissenbach's teachings 
establishes that the concept of maintaining two types of user profiles for a particular 
user was known at the time of applicant's original filing date. Wissenbach's teachings 
disclose the use of a customize profile (e.g., current data access profile) or default 
profile (e.g., master access profile) for a particular user. See Wissenbach paragraphs 
33 and 34. Wissenbach's teachings additionally disclosed that a super user can modify 
a user's profile. See Wissenbach paragraph 33 and 34. Therefore given the system 
disclosed above by Hearns, a person of ordinary skill in the art would have recognized 
the advantage of modifying the system to enhance access security for partition storage 
by employing the Wissenbach's concept of maintaining two profiles for a given user. 

The teachings of Hearns and Wissenback do not expressly teach: 

the current data access profile of the first user is being modifiable by the first user 
within parameters defined by the master data access profile. In this instance the 
Examiner notes the teachings of prior Fong. Fong discloses allowing profile data to be 
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changed within the scope of template profile data (e.g., master access profile). 
Additionally the Examiner notes that the applicant discloses in paragraph 45 that the 
current profile values are modifiable as defined by the master access profile. Therefore 
given the system disclosed above by Hearns and Wissenback, a person of ordinary skill 
would have recognized the advantage of modifying the system to enhance access 
profile maintainability by employing Fong's capability to allow profile parameter data to 
be modified in accordance to a base line profile (e.g., master access profile). 

4. As to claims 2 and 1 2, the system of Hearns discloses utilizing profile data for the 
purpose of access control however the system does not disclose an access control 
system further comprising profile setting means arranged to facilitate creation of the 
master and current access profiles. The Examiner notes in this instance the teaching of 
prior art reference Wissenbach. Wissenbach's teachings establishes that the concept of 
maintaining two types of user profiles for a particular user was known at the time of 
applicants original filings. Wissenbach's teachings disclose the use of a customized 
profile (e.g., current data access profile) or default profile (e.g., master access profile) 
for a particular user. See Wissenbach paragraphs 33 and 34. Wissenbach's additionally 
disclosed that a super user can modify a user's profile. See Wissenbach paragraph 33 
and 34. Therefore given the system disclosed above by Hearns, a person of ordinary 
skill in the art would have recognized the advantage of modifying the system to enhance 
access security for partition storage by employing the Wissenbach's concept of 
maintaining two profiles for a given user. 
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6. 3. (Cancelled). 

7. As to claim 4 and 14, the system of Hearns and Wissenback discloses utilizing 
profile data for the purpose of access control however the system does not disclose a 
access control system where said access control system is activatable so as to permit 
modification of the current access profile and deactivatable so as to prevent 
modification of the current access profile. In this instance the Examiner notes the 
teachings of prior Fong. Fong discloses allowing profile data to be changed within the 
scope of template profile data (e.g., master access profile). Additionally the Examiner 
notes that the applicant discloses in paragraph 45 that the current profile values are 
modifiable as defined by the master access profile. Therefore given the system 
disclosed above by Hearns and Wissenback, a person of ordinary skill would have 
recognized the advantage of modifying the system to enhance access profile usage by 
employing Fong's capability to allow profile parameter data to be modified in 
accordance to a base line profile data (e.g., master access profile). 

8. As to claims 5 and 1 5, Hearns teaches an access control system where the 
access control system is implemented at least in part in the form of software [par. 125]. 

9. As to claims 6 and 16, Hearns teaches an access control system where the 
access control system is implemented at least in part in the form of hardware [par. 127]. 
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1 0. As to claims 7 and 1 7, Hearns teaches an access control system, wherein the 
access control system is arranged to govern user access profiles used by a security 
device configured to control access to a data storage medium (i.e., ...teaches access 
control for partition storage [par. 140]). 

11. As to claims 8 and 1 8, Hearns teaches an access control system where the 
security device is implemented at least in part in hardware and is of a type located 
between a data storage medium of a computing system and a CPU of the computing 
system [fig. 1]. 

1 2. As to claims 9 and 1 9, Hearns teaches a access control system where the 
security device is implemented at least in part in hardware and is of a type incorporated 
into bus bridge circuitry of a computing system [par. 127]. 

1 3. As to claims 1 0 and 20, the system of Hearns and Wissenback discloses utilizing 
profile data for the purpose of access control however the system does not disclose 
access control system wherein the access control system is incorporated into a 
computing system having an operating system and the current access profile is 
modifiable after loading of the operating system In this instance the Examiner notes the 
teachings of prior Fong. Fong discloses allowing profile data to be changed within the 
scope of template profile data (e.g., master access profile). Additionally the Examiner 
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notes that the applicant discloses in paragraph 45 that the current profile values are 
modifiable as defined by the master access profile. Therefore given the system 
disclosed above by Hearns and Wissenback, a person of ordinary skill would have 
recognized the advantage of modifying the system to enhance access profile usage by 
employing Fong's capability to allow profile parameter data to be modified in 
accordance to a base line profile data (e.g., master access profile). 



14. 13. (Cancelled). 
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Response to Arguments 
Examiner Remarks - Specification 

The Examiner withdraws the objection to applicant's specification in view of applicant's 
amendment. 

Examiner Remarks - 35 USC §101 

The Examiner withdraws rejection made under 35 USC § 101 for claim 22 in view of 
applicant's claim and specification amendment. 

Examiner Remarks - 35 USC §112 

The Examiner withdraws rejection made under 35 USC § 1 12 in view of applicant's 
claim amendment. 

Examiner Remarks- 35 U.S.C. 103(a) 

1. Applicant Asserts: 

"... Wissenbach does not teach a separate data access profile for each user, 
wherein each data access profile includes both a master data access profile and 
a current data access profile. Instead, Wissenbach teaches a "storage master" or 
super user may generate a customized profile (see [[0028]-[0032]]) and "[a]s an 
alternative to making a customized profile for each user, the system may be 
programmed with a default profile for each type of user." [[0033]] (emphasis 
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added). Thus, Wissenbach teaches that each user has a user profile that is either 
has a customized profile or the default profile for that type of user. The claim 
instead requires that "a separate data access profile for each user [... ] each data 
access profile includes both a master data access profile and a current data 
access profile for each user." 

The Examiner notes that applicant's above assertion is not a correct characterization of 
Wissenbach's system. The Examiner notes that Wissenbach discloses a multi-tier 
system [col. 1 , lines 50-60.] Moreover Wissenbach discloses that each tier comprises a 
three different users: a Super User, an Operator and a Monitor. Additionally Wissebach 
discloses a user profile for each type of user (e.g. Super User, Operator, Monitor) at 
each tier. The user profiles are noted to comprise actions for which each user can 
perform at that particular tier. Referring to figures 6-8 of Wissenbach, it is noted that 
each figure illustrates the different tiers, the different users and different user profiles. 
As noted in col. 1 , lines 50-60 and subsequently figures 6-8, a top tier has all three user 
and each user is noted to have three different user profiles. As you move down to the 
middle tier, it is noted that the middle tier has the same user as the top tier however the 
user profiles are different. The same is true as you move to Wissenbach's lower tier. 
Again the users are the same however the user profiles are different with respect to the 
above two tiers. 
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With respect to applicant's assertion that Wissenbach does not teach "data access 
profile for each user", wherein each data access profile includes both a master data 
access profile and a current data access profile, The Examiner first notes that is very 
apparent that the Wissenbach's expressly discloses user profiles for each user (e.g., 
Super User, Operator, Monitor). Refer to figures 6-8. As such applicant's assertion that 
Wissenbach does not each data access profile for each user , is not true. With regards 
to applicant's assertion that Wissenbah does not teach "wherein each data access 
profile includes both a master data access profile and a current data access profile", the 
Examiner notes Wissenbach's tier system is hierarchical comprising a top, middle and 
lower. At each level a user for example a "Super User" is illustrated to have user profile 
differing from that of a subsequent level. The top tier illustrates the sum total of actions 
that a "Super User" can perform. Subsequently if you move down to the middle tier 
Wissenbach illustrates that the "Super User" is allocated a subset of the total action 
allocated in the top tier. The Examiner notes that applicant expressly discloses in 
applicant's abstract that a current data access profile (C) is modifiable within 
parameters defined by the master data access profile (M). As such Wissenbach's top 
tier user profile for the Super User is considered equivalent to applicant's Master Profile 
and Wissenbach's middle tier Super User's profile is considered to be equivalent to 
applicant's current profile on the basis that the user profile of the Super User at the 
middle tier is a subset of Super User's profile at the top tier. 
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2. With regards to applicant assertion pertaining to Frong, the Examiner notes that 
Frong's teachings are relied upon for profile modification provisioning in view of a 
master profile template. See Frong paragraph 19. While both Hearns and Wissenbach's 
teachings certainty suggest such a feature neither reference is noted to expressly 
disclose it. With regards to applicant's remarks concerning the applicability of the Frong 
reference the Examiner notes that the Frong reference expressly establishes the state 
of the art at the time of applicant's original filing as it pertains to profile configuring 
based on a master profile. The applicant is reciting provisioning profile data in view of a 
master profile as novel however Frong teachings clearly discloses the capability to 
configure secondary profile data based on a master profile template. 

Contact Information 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to BRYAN WRIGHT whose telephone number is (571 )270- 
3826. The examiner can normally be reached on 8:30 am - 5:30 pm Monday -Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Flynn Nathan can be reached on (571) 272-1915. The fax phone number 
for the organization where this application or proceeding is assigned is 571 -273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/BRYAN WRIGHT/ 
Examiner, Art Unit 2431 
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Supervisory Patent Examiner, Art Unit 2431 



